If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Virus with filename gate.php and path http://.....??

Hi,

Since yesterday I get a ZoneAlarm window every two minutes (!) saying it has detected and treated a High Risk Virus with filename gate.php
The path is an Internet address that I don't recognize (it's not part of my LAN): -http://91.218.36.xxx/.../gate.php-
I have run a full scan and it revealed no problems or threats.
Does anybody know what's going on?
I'm running the ZoneAlarm Security Suite on Windows7

Re: Virus with filename gate.php and path http://.....??

Sounds like an web page you are visiting is calling upon this page that is infected by malware. Identify the source of this problem and notify the web master. Other possibility is that you are infected by malware that tries to download components from the web. Finally, it could be a false positive by the antivirus in ZA.

You can scan internet web pages with virustotal:https://www.virustotal.com/#url
You will see that only Kaspersky is detecting it as malware (the antivirus engine in ZA). This may be an indication that is a false positive.

Re: Virus with filename gate.php and path http://.....??

Thanks Fax, You got me in the right direction with your suggestions.
I couldn't really agree with the first suggestion, since I wasn't really connecting to anything myself. The message kept popping up right after startup of the PC. The IP-address turned out to be from the Ukrain. I don't want to be a bigot, but that didn't make me feel very comfortable, so I couldn't agree with the virustotal conclusion as well.
I checked all the processes running on my system and I found one that I couldn't explain. It was audiohd.exe. I stopped the process and the warning message disappeared! I found the audiohd.exe hidden in a folder xxx\Roaming and I think that the problem is now solved. Unfortunate that ZoneAlarm couldn't identify the file as a virus/malware, because that's surely what it must be.